This invention relates to systems and methods for facilitating communications and or commercial transactions over a public network, such as the Internet. More particularly, this invention relates to systems and methods for conducting secure online transactions.
Due to the development of the World Wide Web (“Web”), online commerce over the Internet has experienced dramatic growth in recent years. The Internet is used to conduct a broad range of commercial and financial transactions. Parties often use the communication capabilities of the Internet to enter into contracts or conduct business electronically and use electronic fund transfers (EFTs) to satisfy the resulting financial obligations. An EFT involves the movement of funds from one bank account to another in response to electronically-communicated payment instructions.
For example, an increasing number of merchants are developing websites that consumers may access and use to purchase goods and/or services from a computer or a mobile computing device (e.g., a mobile phone). It is now common for a consumer to browse a merchant's online catalog, select a product, place an order for the product, and pay for the product all electronically over the Internet.
Although the Internet offers a fast, reliable, and efficient way to communicate and conduct business, information transmitted over the Internet of other global networks may be vulnerable to security breaches. For example, consumers typically pay for the goods and/or services ordered over the Internet with a credit card. During the online transaction, the merchant sends an order form and asks the consumer to enter personal data such as his name, address, and telephone number, and credit card information such as an account number and expiration date. The consumer returns the completed order form containing the credit card information to the merchant over the Internet. The merchant verifies that the credit card information is valid and that the card can be charged the payment amount. The card verification is usually conducted over a proprietary card verification network, such as the VisaNet network.
One problem with traditional online credit card transactions is the lack of signature verification. Presently, an online merchant has no way to verify that the individual providing the credit card number is authorized to use the card. The card number may be from a stolen card or merely copied from an old credit card receipt. Another problem concerns the security of the credit card data as it travels over the Internet. The credit card information can be intercepted en route, copied into a database and used to make unauthorized purchases. In an automated environment, a thief can repeatedly use the stolen credit card information to readily conduct many online transactions before the consumer ever becomes aware that the credit card data has been stolen.